International Association for Cryptologic Research

International Association
for Cryptologic Research


Paper: CCA-Secure PRE Scheme without Public Verifiability

Jun Shao
Peng liu
Jian Weng
Search ePrint
Search Google
Abstract: In a proxy re-encryption (PRE) scheme, a semi-trusted proxy can transform a ciphertext under Alice's public key into another ciphertext that Bob can decrypt. However, the proxy cannot access the plaintext. Due to its transformation property, PRE can be used in many applications, such as encrypted email forwarding. All the existing CCA-secure PRE schemes have a crucial property: the public verifiability of the original ciphertext, i.e., everyone can check the validity of the original ciphertext. In this paper, we propose a novel CCA-secure PRE scheme without public verifiability. This proposal is proven-secure based on the DDH assumption in the standard model. To the best of our knowledge, our proposal is the first CCA-secure unidirectional PRE scheme without pairings in the standard model, which answers an open problem in the PRE field.
  title={CCA-Secure PRE Scheme without Public Verifiability},
  booktitle={IACR Eprint archive},
  keywords={public-key cryptography / proxy re-encryption},
  note={ 14850 received 20 Jun 2010, last revised 16 Aug 2010, withdrawn 29 Aug 2010},
  author={Jun Shao and Peng liu and Jian Weng},